Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/sSGIvz8NLNt51HW3T4NoW0gJwlM.roa
File: sSGIvz8NLNt51HW3T4NoW0gJwlM.roa (raw, json)
Hash identifier: GWjzG66+tPKMUE3tCZol4J84R8wC9Gi+LyBrCvZYWGo=
Subject key identifier: B1:21:88:BF:3F:0D:2C:DB:79:D4:75:B7:4F:83:68:5B:48:09:C2:53
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 0FE9
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/sSGIvz8NLNt51HW3T4NoW0gJwlM.roa
Signing time: Mon 26 Aug 2024 05:15:52 +0000
ROA not before: Mon 26 Aug 2024 05:15:52 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17709
IP address blocks: 222.251.0.0/17 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:27:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4073 (0xfe9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Aug 26 05:15:52 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=B12188BF3F0D2CDB79D475B74F83685B4809C253
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e6:95:79:0e:84:8d:4e:3d:22:ed:7d:c2:4b:
cf:5c:1a:be:6c:d0:56:a6:e8:24:43:c6:63:d2:1d:
91:b2:32:63:49:e6:97:e8:12:0b:66:a4:9d:d5:07:
b3:0d:43:f8:5e:6b:da:03:dd:32:41:4b:d2:51:b8:
45:57:10:1c:38:fa:8b:97:4c:8d:35:25:c0:bc:dc:
19:07:a4:82:f8:93:0b:3d:71:73:dc:b2:97:f4:a5:
d1:8d:94:a5:b0:32:da:8a:4b:56:aa:37:d5:4b:de:
dc:ba:94:0b:98:2c:6a:d3:37:e5:91:9f:b6:48:89:
06:b2:b7:b2:e8:00:62:a8:13:4b:c5:73:0f:f0:c7:
99:21:f3:73:bf:c1:74:a0:8e:e9:7e:5c:5f:a6:50:
4f:aa:f9:b0:35:9d:f7:99:76:c0:9f:e4:ad:ce:8f:
89:89:27:fa:af:ac:20:65:08:3a:5f:bd:eb:be:71:
a1:92:d1:02:61:d8:ee:38:d0:f1:90:5a:c0:66:3a:
f3:b0:9d:3c:17:2a:ad:7c:4f:f6:17:34:22:68:43:
0d:75:e7:ac:bb:0f:f4:5c:62:69:e4:b7:3d:bb:79:
ee:da:96:3f:95:c0:6c:b7:bd:de:4c:8a:80:a8:d2:
b0:e8:c9:8d:d8:da:81:6b:ba:81:dd:6f:32:3d:0b:
ec:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:21:88:BF:3F:0D:2C:DB:79:D4:75:B7:4F:83:68:5B:48:09:C2:53
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/sSGIvz8NLNt51HW3T4NoW0gJwlM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
222.251.0.0/17
Signature Algorithm: sha256WithRSAEncryption
a8:47:26:b9:89:56:99:8e:96:0f:23:7b:56:3b:01:d9:56:04:
02:db:af:8a:33:27:63:9c:c0:ec:00:2f:1a:af:f1:99:9c:1d:
9a:a5:d3:60:b8:43:43:4d:60:c8:f9:6e:aa:af:8c:73:7a:73:
25:7a:91:dc:0c:e9:0b:b9:38:b1:0a:b6:c7:3e:19:ba:37:ed:
d3:7d:97:75:0e:36:1e:dc:81:4c:8c:b6:2e:34:22:6d:80:4a:
48:d2:7e:fc:1f:8d:1f:8c:76:fe:80:37:25:4a:e1:b6:4c:95:
9e:47:33:a3:6f:6a:66:1a:95:31:c0:4d:e2:27:6b:b4:25:a1:
35:c6:b8:d1:c5:52:7b:16:60:42:95:01:77:a8:48:ad:99:f2:
01:73:a7:57:36:86:99:1a:4a:c6:ee:26:16:84:56:db:52:d7:
69:d4:e0:74:b7:d6:6b:18:34:58:64:94:92:c5:26:a0:96:66:
ca:f2:7b:62:b3:ae:37:76:09:67:35:29:9c:4c:85:6c:09:a1:
8f:f3:08:75:a4:62:ed:f3:ab:74:13:2f:4b:d8:60:fa:8c:6f:
11:c9:ab:25:29:a6:8a:49:5c:07:b5:80:e8:a8:0e:0b:f1:c7:
37:02:fb:81:e7:dd:48:3c:0f:11:0d:1b:fb:f2:04:6a:06:1e:
80:bc:ec:4e
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICD+kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw
NTE1NTJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEIxMjE4OEJGM0YwRDJD
REI3OUQ0NzVCNzRGODM2ODVCNDgwOUMyNTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCY5pV5DoSNTj0i7X3CS89cGr5s0Fam6CRDxmPSHZGyMmNJ5pfo
EgtmpJ3VB7MNQ/hea9oD3TJBS9JRuEVXEBw4+ouXTI01JcC83BkHpIL4kws9cXPc
spf0pdGNlKWwMtqKS1aqN9VL3ty6lAuYLGrTN+WRn7ZIiQayt7LoAGKoE0vFcw/w
x5kh83O/wXSgjul+XF+mUE+q+bA1nfeZdsCf5K3Oj4mJJ/qvrCBlCDpfveu+caGS
0QJh2O440PGQWsBmOvOwnTwXKq18T/YXNCJoQw1156y7D/RcYmnktz27ee7alj+V
wGy3vd5MioCo0rDoyY3Y2oFruoHdbzI9C+zNAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUsSGIvz8NLNt51HW3T4NoW0gJwlMwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3NTR0l2ejhOTE50NTFIVzNUNE5vVzBn
SndsTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAfe+wAwDQYJ
KoZIhvcNAQELBQADggEBAKhHJrmJVpmOlg8je1Y7AdlWBALbr4ozJ2OcwOwALxqv
8ZmcHZql02C4Q0NNYMj5bqqvjHN6cyV6kdwM6Qu5OLEKtsc+Gbo37dN9l3UONh7c
gUyMti40Im2ASkjSfvwfjR+Mdv6ANyVK4bZMlZ5HM6NvamYalTHATeIna7QloTXG
uNHFUnsWYEKVAXeoSK2Z8gFzp1c2hpkaSsbuJhaEVttS12nU4HS31msYNFhklJLF
JqCWZsrye2Kzrjd2CWc1KZxMhWwJoY/zCHWkYu3zq3QTL0vYYPqMbxHJqyUppopJ
XAe1gOioDgvxxzcC+4Hn3Ug8DxENG/vyBGoGHoC87E4=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:51:47 2025 by rpki-client